Most of us have heard of the five stages of grief. Richard Massey of Arcserve has now listed the seven stages of cyber resilience. As posted on https://www.cybersecurityintelligence.com/blog/the-seven-stages-of-cyber-resilience-7050.html they are:
- Shock and denial: awareness of risk to business data, and denial it could happen to your business.
- Pain and guilt: understanding the gravity of the threat, and regret it wasn't taken seriously.
- Anger and bargaining: the anger may be directed at cybercriminals, or inwardly for previous lack of concern. There may be a search for a "quick fix" which does not solve the problem.
- Depression: feeling overwhelmed by complexity and impact of potential loss.
- Upward turn: taking concrete steps to improve data resilience. Determine critical operating systems and data that need protection.
- Reconstruction: work on data protection strategies. Train staff. Improve backup and recovery so a data breach can be mitigated,
- Acceptance: with proper controls in place, a business can survive a cyber attack.
Small and medium businesses focus on day to day operations and pay limited attention to cybersecurity. An Arcserve survey showed only 23% of SMBs have mature data resilience strategies. If your organization does not have a strategy, find a service provider who can take you through the seven stages of cyber resilience.